package com.example.objectstoragejava.web;

import io.minio.credentials.AssumeRoleProvider;
import io.minio.credentials.Credentials;
import org.springframework.web.bind.annotation.*;

import java.security.NoSuchAlgorithmException;

@RequestMapping("minio")
@RestController
@CrossOrigin
public class MinioUpload {
    //服务所在ip地址和端口
    public static final String ENDPOINT = "http://127.0.0.1:9000/";

    //mc的用户名
    public static final String ACCESS_KEY_COMPANY = "sts";
    //mc的密码
    public static final String SECRET_KEY_COMPANY = "123456789";
    //aws服务端点
    public static final String REGION = "cn-beijing-2";
    //上传的bucket名
    public static final String BUCKET = "lee-admin";
    //授权策略，允许访问名为bucket的桶的目录
    public static final String ROLE_ARN = "arn:aws:s3:::lee-admin/*";
    public static final String ROLE_SESSION_NAME = "anysession";
    //定义策略，可进行二次限定
    public static final String POLICY_GET_AND_PUT = "{\n" +
            " \"Version\": \"2012-10-17\",\n" +
            " \"Statement\": [\n" +
            "  {\n" +
            "   \"Effect\": \"Allow\",\n" +
            "   \"Action\": [\n" +
            "    \"s3:GetObject\",\n" +
            "    \"s3:GetBucketLocation\",\n" +
            "    \"s3:PutObject\"\n" +
            "   ],\n" +
            "   \"Resource\": [\n" +
            "    \"arn:aws:s3:::lee-admin/*\"\n" +
            "   ]\n" +
            "  }\n" +
            " ]\n" +
            "}";

    @GetMapping(value = "get-sts")
    public Credentials sts() throws NoSuchAlgorithmException {
        //创建签名对象
        AssumeRoleProvider provider = new AssumeRoleProvider(
                ENDPOINT,
                ACCESS_KEY_COMPANY,
                SECRET_KEY_COMPANY,
                30000,
                POLICY_GET_AND_PUT,
                REGION,
                ROLE_ARN,
                ROLE_SESSION_NAME,
                null,
                null);
        Credentials credentials = provider.fetch();
        return credentials;
    }
}
